Is it possible to send an email from an EC2 instance and join some files with it to the owner of the instance?
The idea is to compute some things with a Python script, to store the information in a database and to generate two files of result and log.
It would be great if I can automatize it so that I receive these two files in an email and the instance stops after it.
Yes, you can send email from an EC2 instance using the AWS SES service.
When you launch your instance, you can assign it a role. That role should have rights to send email using SES, and if you want it to shut down when you're done then you'd add the StopInstances permission as well.
You would then use the AWS CLI tool to stop the instance. You can get the current instance ID from the instance metadata.
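The flow described in this answer, as an added example that is not part of the original post: it builds the mail with both files attached, sends it through SES with the instance role's credentials, then stops the instance, using boto3 rather than the AWS CLI. The function names are hypothetical, the sender is assumed to be a verified SES identity, and `role_policy` shows a policy that lets the role stop only its own instance.

```python
import json
import urllib.request
from email.message import EmailMessage
from pathlib import Path

IMDS = "http://169.254.169.254/latest"  # instance metadata service


def build_report_email(sender, recipient, attachments):
    """Build a MIME message with each (filename, bytes) pair attached."""
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "EC2 job finished", sender, recipient
    msg.set_content("Result and log files are attached.")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg


def role_policy(ident):
    """Policy for the instance role: send mail, and stop only this instance."""
    arn = "arn:aws:ec2:{region}:{accountId}:instance/{instanceId}".format(**ident)
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "ses:SendRawEmail", "Resource": "*"},
        {"Effect": "Allow", "Action": "ec2:StopInstances", "Resource": arn}]}


def instance_identity():
    """Read instanceId, region and accountId via an IMDSv2 session token."""
    req = urllib.request.Request(
        IMDS + "/api/token", method="PUT",
        headers={"X-aws-ec2-metadata-token-ttl-seconds": "60"})
    token = urllib.request.urlopen(req, timeout=2).read().decode()
    req = urllib.request.Request(
        IMDS + "/dynamic/instance-identity/document",
        headers={"X-aws-ec2-metadata-token": token})
    return json.loads(urllib.request.urlopen(req, timeout=2).read())


def send_and_stop(sender, recipient, paths):
    """Mail the files through SES (assumed set up in this region), then stop."""
    import boto3  # uses the role's temporary credentials; no keys in the script
    ident = instance_identity()
    files = [(Path(p).name, Path(p).read_bytes()) for p in paths]
    msg = build_report_email(sender, recipient, files)
    boto3.client("ses", region_name=ident["region"]).send_raw_email(
        Source=sender, Destinations=[recipient],
        RawMessage={"Data": msg.as_bytes()})
    boto3.client("ec2", region_name=ident["region"]).stop_instances(
        InstanceIds=[ident["instanceId"]])
```

Call `send_and_stop(...)` as the last step of the job script, once the result and log files are closed.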
Is there any service or way to manage FTP/SFTP access given to multiple users on an AWS EC2 instance?
I am working on a client's website where the client wants to add 1 more developer and asked me to give him access to the server. Also, he wants to remove that developer's access once his work is finished. Is it possible to add an FTP/SFTP connection manager on an EC2 instance, or something similar?
AWS has a fully-managed SFTP service for Amazon S3, but it appears that you are running FTP on an Amazon EC2 instance.
AWS does not have access to your instance. Therefore, you would be responsible for making any configuration changes on the instance that you need. You might want to do this via the AWS Systems Manager Run Command, which can execute commands on an EC2 instance if the AWS Systems Manager agent has been installed. However, you would be responsible for writing the script of commands that you want executed on the instance.
I will also mention that FTP is quite an old protocol and an old way of transferring data. If possible, you should consider using Amazon S3 for storage of files rather than an FTP server.
Can I fetch the details of the user who created the instance in AWS using instance-id, ami id, tag details or anything?
I want to contact the person who created a particular instance under a particular role. How can I achieve this?
You can query CloudTrail logs to find the user who started the instances.
Here is the Python Boto3 script I have created to list all the instances and owner.
https://gist.github.com/sudharsans/39d5eaf8a82b7ccdf8b3230d13ba7d81
You can query the CloudTrail events, and if you need more detailed info, then you can make use of AWS Config, which will give you even more granular details.
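The CloudTrail approach from these answers, as an added example (not the linked gist and not the posters' code): it reads `RunInstances` records and maps each instance ID to the identity that launched it, skipping failed launches and other API calls. The function names and the sample events are constructed for illustration; `lookup_creator` searches CloudTrail event history, which goes back 90 days.

```python
import json


def creators(events):
    """Map instance ID -> who launched it, from CloudTrail lookup results."""
    out = {}
    for ev in events:
        rec = json.loads(ev["CloudTrailEvent"])
        if rec.get("eventName") != "RunInstances" or rec.get("errorCode"):
            continue  # ignore other API calls and failed launches
        ident = rec.get("userIdentity") or {}
        who = {"type": ident.get("type"), "arn": ident.get("arn"),
               "time": rec.get("eventTime")}
        resp = rec.get("responseElements") or {}
        for item in (resp.get("instancesSet") or {}).get("items", []):
            out[item["instanceId"]] = who
    return out


def lookup_creator(instance_id):
    """Query CloudTrail event history (last 90 days) for one instance."""
    import boto3  # needs cloudtrail:LookupEvents on the caller's role
    pages = boto3.client("cloudtrail").get_paginator("lookup_events").paginate(
        LookupAttributes=[{"AttributeKey": "ResourceName",
                           "AttributeValue": instance_id}])
    return creators(e for p in pages for e in p["Events"]).get(instance_id)


def _sample(name, typ, arn, ids, error=None):  # one constructed lookup entry
    rec = {"eventName": name, "eventTime": "2024-01-01T00:00:00Z",
           "userIdentity": {"type": typ, "arn": arn},
           "responseElements": None if error else
           {"instancesSet": {"items": [{"instanceId": i} for i in ids]}}}
    if error:
        rec["errorCode"] = error
    return {"EventName": name, "CloudTrailEvent": json.dumps(rec)}


ROLE = "arn:aws:sts::111122223333:assumed-role/Dev/alice@example.com"
USER = "arn:aws:iam::111122223333:user/bob"
SAMPLE_EVENTS = [  # constructed data, not real CloudTrail output
    _sample("RunInstances", "AssumedRole", ROLE, ["i-0aaa", "i-0bbb"]),
    _sample("RunInstances", "IAMUser", USER, ["i-0ccc"]),
    _sample("RunInstances", "IAMUser", USER, [], error="Client.UnauthorizedOperation"),
    _sample("StopInstances", "IAMUser", USER, ["i-0aaa"]),
]

if __name__ == "__main__":
    for iid, who in creators(SAMPLE_EVENTS).items():
        print(iid, who["type"], who["arn"])
```

For instances launched through an assumed role, the last segment of the ARN is the session name, which is often the only per-person identifier in the record.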
I want to send SMS using AWS Simple Notification Service from EC2 containers in AWS. Is it possible to send the SMS without using Secret Key and Access Key?
In IAM, can any permissions be added?
Thanks in advance.
I will try to clarify the previous answer.
It is possible to assign a role to a running EC2 instance with the required permissions (e.g. sending a message through SNS).
The client running on the instance doesn't need to provide any explicit AWS credentials (under the hood, the SDK implementation will acquire and use temporary credentials from the metadata service).
Try assigning the required action permission from the list below to the IAM role attached to the EC2 instance:
https://docs.aws.amazon.com/IAM/latest/UserGuide/list_sns.html
I forgot my AWS account. I tried all the email accounts I can remember in the reset password page, still no luck. Right now I can connect to my EC2 instance IP using ssh. What can I do if I use the server to help me remember my AWS account? I wrote several emails to them, still not a single reply.
Find the hostname, instance id or other metadata of the instance.
$ curl http://169.254.169.254/latest/meta-data/hostname
ec2-203-0-113-25.compute-1.amazonaws.com
With that information they can track down your account.
See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
Running this command from the EC2 instance will give you your AWS accountId among other information:
curl http://169.254.169.254/latest/dynamic/instance-identity/document
This is what I am trying to do:
We have IAM in place and each user logs in to the AWS console with his/her respective email address and creates the EC2 instance. I being the Administrator, when I log in to the AWS console, I see a whole bunch of instances created and many of them are not even utilized. However, I am not able to figure out who created those instances.
Question:
Is there a way to map EC2 instances to the email address of the user who created them? I have thoroughly explored the EC2 CLI but it was of no help. Is there a way to do this via the SDK? Or did I overlook something?
Thanks.
To keep it simple without having to use an SDK outside of the CLI, you could create the tag "Owner" and have your users tag the instances they create with their name/email. You can then click on the "Show/Hide" button in the EC2 Management Console to add your tag to the other data that is shown in the console. It allows you to filter and sort instances by the value of the tag. This isn't a fail-proof solution since it depends on your users to create the tags, but it is simple.